SafeMessage

The safer way of sharing secrets. 

The safer way of sharing sensitive information such as credentials, messages and many other sensitive items internally and externally, using a self-destruct mechanism, with the ability to track the delivery and usage.

Features

  • Fully Self-Hosted
  • Fully skinnable (html/css files fully separated from logic)
  • AES 256+ encryption at rest with bearer access token
  • SSL TLS 1.2 minimum encryption standard with string cipher suites.
  • Message instantly destroyed upon retrieval – no further sharing.
  • Maximum 3 attempts at retrieval when using pin code.
  • Time limitation, where you can set a start and end time, or pre-set quick-selection.
  • With time limits, message does not “exist” before the start, and will destroy after end time.
  • Without time limits, If the message is not retrieved within 30 days, it will self-destruct.
  • Ability to cancel a message by use of a cancellation link.
  • Supports desktop and mobile.
  • API for automated creation and delivery of messages.
  • Email, SMS and Log entry templating.
  • Simple JSON configuration file.
  • Optional use of a pin code for additional security, with a maximum of 3 attempts before destruction
  • Optional InfoSec emails for events
  • Optional sender notifications by email or SMS of retrieval attempts, delivery and destruction events.
  • Optional recipient notification by email of retrieval link
  • Optional whitelisting to restrict creation of messages, preventing public abuse.
  • Optional blacklist to restrict access, preventing public abuse.
  • Optional use and event logging.

 

A sample screen for creating a secret message

 

System requirements

  • Linux (tested on Centos (Redhat))
  • 1 core, 2G Ram
  • MySQL 5.6+ / MariaDB 10+

System recommendation

  • Linux Centos Stream 8 / Redhat, or any similar recent generation distribution.
  • 2 core, 2G Ram, disk use is minimal. (<1G for application)
  • MySQL 5.6+ / MariaDB 10+

Service requirements

  • SSL certificate for the selected domain
    Wildcard certificate accepted..

Optional services

  • Optional – Sendgrid account with API access.
  • Optional – SMS.TO account with API access.

Licensing options

  • One-off license purchase with binary delivery, license locked to specified domain(s).
  • One-off license purchase with source code, under NDA and non-resale, compete,
    distribute, for internal use only agreement.

Support

  • Bug and Updates support by email/ticket under maintenance support schema
    (first year included in license).